SberBusiness, a digital platform for entrepreneurs and legal entities, is expanding its cooperation with independent security researchers. Now, the web version of the service and the mobile application for Android are available for testing as part of the Sber Bug Bounty program, hosted on the BI.ZONE Bug Bounty platform. This will allow identifying potential vulnerabilities before malicious actors can exploit them.
The amount of the reward for found bugs depends on their criticality. The maximum amount that a researcher can receive is 500 thousand rubles. This approach encourages security specialists to thoroughly check the system, and gives developers the opportunity to quickly fix the detected problems.
The security of the system, services, products and, accordingly, customers is our key priority. Participation in the Sber Bug Bounty program will help us to further maintain the maximum security of Sber's systems, tools and customer data.
The Sber Bug Bounty program already covers Sber products such as SberBank Online, SberInvestments, Sber IoT smart devices, and also includes the Sber Anti-Fraud Bug Bounty anti-fraud direction.
Sber has more than 3.4 million corporate clients throughout Russia. We are pleased that one of the key fintech companies has launched a program for entrepreneurs and legal entities on our platform and is expanding the list of resources for research. The joint work of Sber specialists and bug hunters will increase the resilience of services to current cyber threats and, in general, will help strengthen the cyber defense of the country's business.
SberBusiness remains one of the key tools for entrepreneurs: the web version is used by 2.2 million clients monthly, and the mobile application collects 1.3 million users, with 610 thousand accessing it daily. The service provides a full range of banking services for business, including payments, lending and financial management.
Earlier, www1.ru reported on the start of the third stage of the hunt for vulnerabilities in government services.
Read more materials on the topic:
MERA Code: the first open benchmark for evaluating Russian-language AI models in programming
Deputy Dmitry Gusev proposed creating a tool for transferring data from WhatsApp and Telegram to MAX